JSR-000058 Java TM 2 Platform, Enterprise Edition 1.3 Specification

More documents

Recommendations

Info

3. Security 3-1 3.1 Introduction 3-1 3.2 A Simple Example 3-2 3.3 Security Architecture 3-5 3.3.1 Goals 3-5 3.3.2 Non Goals 3-6 3.3.3 Terminology 3-7 3.3.4 Container Based Security 3-8 3.3.5 Declarative Security 3-8 3.3.6 Programmatic Security 3-8 3.3.7 Distributed Security 3-9 3.3.8 Authorization Model 3-10 3.3.9 Role Mapping 3-10 3.3.10 HTTP Login Gateways 3-11 3.3.11 User Authentication 3-11 3.3.11.1 Web Client 3-11 HTTP Basic Authentication 3-12 HTTPS Authentication 3-12 Form Based Authentication 3-13 Web Single Signon 3-13 Login Session 3-13 3.3.11.2 Application Client 3-14 3.3.11.3 Lazy Authentication 3-14 3.4 User Authentication Requirements 3-15 3.4.1 Web Clients 3-15 3.4.1.1 Web Single Signon 3-15 3.4.1.2 Login Sessions 3-15 3.4.1.3 Required Login Mechanisms 3-15 3.4.1.4 Unauthenticated Users 3-16 3.4.2 Application Clients 3-17 3.4.3 Resource Authentication Requirements 3-18 vi Java 2 Platform Enterprise Edition, v1.3, Proposed Final Draft (Sun Microsystems, Inc.)
3.5 Authorization Requirements 3-19 3.5.1 Code Authorization 3-19 3.5.2 Caller Authorization 3-20 3.6 Deployment Requirements 3-20 3.7 Future Directions 3-21 3.7.1 Auditing 3-21 4. Transaction Management 4-1 4.1 Overview 4-1 4.2 Requirements 4-3 4.2.1 Web Components 4-3 4.2.2 Enterprise JavaBeans Components 4-5 4.2.3 Application Clients 4-5 4.2.4 Applet Clients 4-5 4.2.5 Transactional JDBC Technology Support 4-5 4.2.6 Transactional JMS Support 4-5 4.2.7 Transactional Resource Adapter Support 4-6 4.3 Transaction Interoperability 4-6 4.3.1 Multiple J2EE Platform Interoperability 4-6 4.3.2 Support for Transactional Resource Managers 4-6 4.4 Local Transaction Optimization 4-7 4.4.1 Requirements 4-7 4.4.2 A Possible Design 4-7 4.5 Connection Sharing 4-8 4.6 System Administration Tools 4-9 5. Naming 5-1 5.1 Overview 5-1 5.2 Java Naming and Directory Interface (JNDI) Naming Context 5-2 5.2.1 Application Component Provider’s Responsibilities 5-3 5.2.1.1 Access to application component’s environment 5-3 Contents vii
Page 1 and 2: Java 2 Platform Enterprise Edition
Page 3 and 4: RESTRICTED RIGHTS LEGEND. If this S
Page 5: Contents 1. Introduction 1-1 Acknow
Page 9 and 10: 5.6.3 J2EE Product Provider’s Res
Page 11 and 12: 11.2 JNLP (Java Web Start) 11-2 11.
Page 13 and 14: CHAPTER 1 Introduction Enterprises
Page 15 and 16: CHAPTER 2 Platform Overview This ch
Page 17 and 18: Underlying the J2EE containers is t
Page 19 and 20: may use JavaIDL to act as clients o
Page 21 and 22: 2.2 Product Requirements This speci
Page 23 and 24: A J2EE Product Provider must provid
Page 25 and 26: 2.5 Platform Contracts 2.5.1 J2EE A
Page 27 and 28: CHAPTER 3 Security This chapter des
Page 29 and 30: Step 2: Initial Authentication The
Page 31 and 32: “not authorized” outcome is rea
Page 33 and 34: 3.3.3 Terminology This section intr
Page 35 and 36: These methods allow components to m
Page 37 and 38: The source of security attributes m
Page 39 and 40: Form Based Authentication The look
Page 41 and 42: 3.4 User Authentication Requirement
Page 43 and 44: ■ Allow the deployer or system ad
Page 45 and 46: The support for principal delegatio
Page 47 and 48: While most J2EE products will allow
Page 49 and 50: CHAPTER 4 Transaction Management Th
Page 51 and 52: 4.2 Requirements This section defin
Page 53 and 54: 4.2.2 Enterprise JavaBeans Componen
Page 55 and 56: JMS providers use the javax.transac
Page 57 and 58:
J2EE application components may use
Page 59 and 60:
CHAPTER 5 Naming This chapter descr
Page 61 and 62:
3. The Deployer uses the tools prov
Page 63 and 64:
5.2.1.2 Declaration of environment
Page 65 and 66:
■ Provide a deployment tool that
Page 67 and 68:
5.3.1.2 Declaration of EJB referenc
Page 69 and 70:
This is a reference to the entity b
Page 71 and 72:
special entries in the application
Page 73 and 74:
5.4.1.2 Declaration of resource man
Page 75 and 76:
■ Bind the resource manager conne
Page 77 and 78:
5.5.1.1 Resource environment refere
Page 79 and 80:
■ The Deployer must ensure that a
Page 81 and 82:
5.6.4 System Administrator’s Resp
Page 83 and 84:
CHAPTER 6 Application Programming I
Page 85 and 86:
6.2 Java 2 Platform, Standard Editi
Page 87 and 88:
Note that an operating system that
Page 89 and 90:
6.2.2.3 JDBC API The JDBC API allow
Page 91 and 92:
■ setBinaryStream(int parameterIn
Page 93 and 94:
6.2.2.5 RMI-JRMP 6.2.2.6 RMI-IIOP I
Page 95 and 96:
6.2.2.7 JNDI A J2EE product must ma
Page 97 and 98:
enterprise beans. All EJB container
Page 99 and 100:
typically not possible to create th
Page 101 and 102:
The JavaMail API uses the JavaBeans
Page 103 and 104:
6.12 J2EE Connector Architecture 1.
Page 105 and 106:
CHAPTER 7 Interoperability This cha
Page 107 and 108:
■ HTTP 1.0—This is the core pro
Page 109 and 110:
■ Class file format—The class f
Page 111 and 112:
CHAPTER 8 Application Assembly and
Page 113 and 114:
8.1 Application Development Life Cy
Page 115 and 116:
8.1.3 Application Assembly A J2EE a
Page 117 and 118:
. Synchronize security role-names a
Page 119 and 120:
8.3.1 Deploying a Stand-Alone J2EE
Page 121 and 122:
8.4 J2EE:application XML DTD This s
Page 123 and 124:
Chapter 8 Application Assem
Page 125 and 126:
Chapter 8 Application Asse
Page 127 and 128:
CHAPTER 9 Application Clients This
Page 129 and 130:
9.3 Transactions Application client
Page 131 and 132:
or the DOCTYPE declaration from a p
Page 133 and 134:
--> Chapter 9 Application Cli
Page 135 and 136:
The env-entry element contains the
Page 137 and 138:
com.wombat.empl.EmployeeService -->
Page 139 and 140:
The resource-env-ref-type element s
Page 141 and 142:
CHAPTER 10 Service Provider Interfa
Page 143 and 144:
CHAPTER 11 Future Directions This v
Page 145 and 146:
11.4 JDBC RowSets RowSets provide a
Page 147 and 148:
APPENDIX A Previous Version DTDs Th
Page 149 and 150:

Page 151 and 152:
Chapter A Previo
Page 153 and 154:
Chapter A Previous Version D
Page 155 and 156:
Chapter A Previous Version DTD
Page 157 and 158:
Chapter A Previous Version DTD
Page 159 and 160:
Chapter A Previous
Page 161 and 162:
APPENDIX A Revision History A.1 Cha
Page 163 and 164:
■ Clarified roles of JRMP and RMI
Page 165 and 166:
A.5 Changes in Proposed Final Draft
Page 167 and 168:
APPENDIX B Related Documents This s
Page 169 and 170:
The SSL Protocol, Version 3.0. Avai
show all

JSR-000058 Java TM 2 Platform, Enterprise Edition 1.3 Specification

Create successful ePaper yourself

Delete template?

Save as template?